I've been wondering why the CF team has not switched over to using J2EE security. A rewrite of cflogin code that can use JAAS would be just swell and allow integration with non CF J2EE products without messing with web.xml files and such, eh?
DK On 3/27/06, wolf2k5 <[EMAIL PROTECTED]> wrote: > On 3/26/06, Adam Churvis <[EMAIL PROTECTED]> wrote: > > It doesn't work that way. Since your CFLOGINUSER call is inside a CFLOGIN > > call, that CFLOGIN call *won't* run when the second server sees your > > authentication cookie because CFLOGIN only runs when you are *not* > > authenticated. > > Actually, according to my testing (ColdFusion 6.1 with the Updater), > when the second server sees the cflogin cookie, it will automatically > run the cflogin/cfloginuser code and authenticate/authorize the user. > > Can anyone verify this with ColdFusion MX 7? > > Thanks. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236287 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
